<?php
/**
 * @author Jose Quintana
 * @copyright 2011 LBN Studio
 * Votes for CSME
 */

require ('./dbconfig.php');

$ip = $_POST['xip'];
$id = $_POST['xi'];
$counter = $_POST['xa'];
$time = time();

if(isset($_POST['xip']) && isset($_POST['xi']) && isset($_POST['xa'])) {
    $query = "INSERT INTO
      `tbl_visiteur`(
      `int_actualite`,
      `chr_ip`,
      `chr_timestamp`
    )VALUE (
      '" . sqlQuote($id, $cnn) . "',
      '" . sqlQuote($ip, $cnn) . "',
      '" . $time . "'
    )";

    $res   = mysql_query( $query, $cnn );

    $query = 'SELECT int_vote FROM `tbl_actualites` WHERE int_actualite = ' . $id ;

    $res = mysql_query( $query, $cnn );
    $row = mysql_fetch_assoc($res);
    $vote = intval($row['int_vote']) + 1;

    $query = "UPDATE 
      `tbl_actualites`
    SET
      `int_vote` = '" . $vote . "'
    WHERE
      `int_actualite` = " . $id;

    $res = mysql_query( $query, $cnn );
    
    if(mysql_affected_rows($cnn) > 0) echo "true";
}

function sqlQuote($value, $cnn) {
    if( get_magic_quotes_gpc() ) $value = stripslashes($value);
    if( function_exists("mysql_real_escape_string") ) $value = mysql_real_escape_string( $value, $cnn );
    else $value = addslashes( $value );
    return utf8_decode($value);
}